Weaknesses of type CWE-276
907 resultsCVE-2023-38294MEDIUMCertain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsiEPSS 0.2%CVE-2023-42668MEDIUMIncorrect default permissions in some onboard video driver software before version 1.14 for Intel(R) Server Boards based on Intel(R) 62X ChiEPSS 0.2%CVE-2022-43701HIGHInsecure directory permissions on installer filesEPSS 0.2%CVE-2023-42928HIGHThe issue was addressed with improved bounds checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. An app may be able to gain elevated prEPSS 0.2%CVE-2026-27680LOWCSS Injection vulnerability in SAP NetWeaver Application Server ABAPEPSS 0.2%CVE-2024-4679HIGHFolder Permission Vulnerability in JP1/Extensible SNMP AgentEPSS 0.2%CVE-2024-21123LOWVulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily EPSS 0.2%CVE-2026-26034HIGHUPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Incorrect Default Permissions (CWE-276) vulnerability that alloEPSS 0.2%CVE-2024-22428HIGH
Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unpriviEPSS 0.2%CVE-2024-52926MEDIUMDelinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent.EPSS 0.2%CVE-2024-52783MEDIUMInsecure permissions in the XNetSocketClient component of XINJE XDPPro.exe v3.2.2 to v3.7.17c allows attackers to execute arbitrary code viaEPSS 0.2%CVE-2023-28724HIGHNGINX Management Suite vulnerabilityEPSS 0.2%CVE-2025-0886HIGHAn incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escEPSS 0.2%CVE-2025-0014HIGHIncorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentialEPSS 0.2%CVE-2023-29162MEDIUMImproper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 maEPSS 0.2%CVE-2024-42188LOWHCL Connections is vulnerable to a broken access control vulnerabilityEPSS 0.2%CVE-2024-23847MEDIUMIncorrect default permissions issue exists in Unifier and Unifier Cast. If this vulnerability is exploited, arbitrary code may be executed wEPSS 0.2%CVE-2025-62577HIGHETERNUS SF provided by Fsas Technologies Inc. contains an incorrect default permissions vulnerability. A low-privileged user with access to EPSS 0.2%CVE-2024-27166HIGHInsecure permissionsEPSS 0.2%CVE-2024-13206HIGHREVE Antivirus reveinstall default permissionEPSS 0.2%